Security

ArchNGN is built with strong security practices to keep your enterprise architecture and business data safe and secure at every layer. This includes relying on state-of-the-art infrastructure, secure encryption, and independently verified security controls provided by our infrastructure partners.

Shared responsibility

Under our shared responsibility model, ArchNGN secures the application layer and underlying Google Cloud Platform (GCP) infrastructure. This includes protecting the backend services, databases, and deployment environments against threats through security controls, monitoring, and automated private networking configurations.

Customers are responsible for how they use ArchNGN. This includes configuring workspace access safely, maintaining the security of Firebase Authentication credentials, determining what metamodel and object data is uploaded to our platform, and managing secure API keys or integrations.

Certifications

ArchNGN is currently undergoing certification for the following:

• SOC2 Type II
• ISO 27001
• GDPR
• HIPAA

For specific questions about compliance or organizational capabilities, please reach out to us directly at security@archngn.com.

Data regions

ArchNGN account regions are considered global with the exception of Enterprise accounts. Speak to your account manager during setup to configure the region that suits your needs. The enterprise regions available are:

• United States
• European Union
• Asia & Oceania

Region-based components include all core infrastructure: primary databases, object storage, background task queues, compute instances, and AI services.

Core Firebase services used for authentication remain subject to standard Firebase multi-region and routing implementations.

Report a vulnerability

If you suspect a security issue or vulnerability within ArchNGN, we ask that you report it to us immediately so we can fix it.

Please send all security-related reports and inquiries to: security@archngn.com.